## Critical Vulnerabilities Discovered in Universal Robots Polyscope 5 Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute code. [View CSAF](https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-134-17.json) ### Affected Versions The following versions of **Universal Robots Polyscope 5** are affected: * Polyscope 5 <5.25.1 ### Vulnerability Details The most critical vulnerability is an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). | CVSS | Vendor | Equipment | Vulnerabilities | | :----- | :----------------- | :------------------------ | :------------------------------------------------------------------------------ | | v3 9.8 | **Universal Robots** | **Universal Robots Polyscope 5** | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | ### Background * **Critical Infrastructure Sectors:** Critical Manufacturing * **Countries/Areas Deployed:** Worldwide * **Company Headquarters Location:** Denmark ### Acknowledgments **Vera Mens** of **Claroty Team82** reported these vulnerabilities to **CISA**. ### Recommended Practices **CISA** recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Key recommendations include: * Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet. * Locate control system networks and remote devices behind firewalls and isolating them from business networks. * When remote access is required, use more secure methods, such as Virtual Private Networks (**VPNs**), recognizing **VPNs** may have vulnerabilities and should be updated to the most current version available. Also recognize **VPN** is only as secure as the connected devices. **CISA** reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. **CISA** also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several **CISA** products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. **CISA** encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing suspected malicious activity should follow established internal procedures and report findings to **CISA** for tracking and correlation against other incidents. **CISA** also recommends users take the following measures to protect themselves from social engineering attacks: * Do not click web links or open attachments in unsolicited email messages. * Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. * Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks. No known public exploitation specifically targeting these vulnerabilities has been reported to **CISA** at this time. ### Revision History * **Initial Release Date:** 2026-05-14 | Date | Revision | Summary | | :--------- | :------- | :----------------- | | 2026-05-14 | 1 | Initial Publication |